Identity Theft

Fighting For Our Privacy

July/August 2009

ByMartin T. Biegelman, CFE, ACFE Fellow, CCEP

Owen Thor Walker, an 18-year-old New Zealander, was a member of an international hacking group that infected at least 1.3 million computers and caused losses upward of $20 million. His cybercrime ring used programs he designed to access personal data (including usernames and passwords), distribute viruses, and steal credit card information, among other crimes. Other cybercriminals used his software to commit misdeeds.

Walker, known as "Akill," "Snow Walker," and "Snow Whyte," taught himself computer programming; through experimenting, he was able to create, refine, and enhance virus programs. Anti-virus software couldn't detect his encrypted virus. Although he was self-taught, "international investigators considered Walker's programming to 'be among the most advanced' they had encountered."1 The code "automatically disabled any anti-virus software on an infected computer and prevented the software from being updated. The computer could not tell the anti-virus software was not working."2

The New Zealand police, in conjunction with the FBI and Dutch authorities, uncovered Walker's network. The investigation began after a "distributed denial of service attack" caused Walker and University of Pennsylvania student Ryan Goldstein, apparently unintentionally, to crash the university's servers in 2006.3

Walker and Goldstein attempted to covertly use the university's servers to upgrade the botnet by uploading dated software onto the server and then have the infected botnet computers connect to the server to receive the update. However, this wave of server traffic crashed the server and disabled access.4

The FBI's investigation into the crash led them to Walker, while New Zealand police, working with Dutch authorities, traced payments from a company in the Netherlands to Walker. The company in question, ECS International, has been prosecuted for paying hackers to use their botnets to covertly install adware on unsuspecting users' computers. Walker earned about $36,000 for his work.5 This scam earned Walker and others a fee for each computer they infected.

Walker lived with his parents when he committed the crimes, but they thought he was just doing legal computer programming.6 His parents got a rude awakening when the FBI arrested Walker in November 2007 as part of its "Operation Bot Roast II." Walker later pleaded guilty to six computer crime charges, which carried penalties of up to seven years in jail on each charge.

The judge considered Walker's age, remorse, lack of criminal intent, and his condition (he has Asperger's syndrome, a mild form of autism) and dismissed the charges despite his guilty plea. However, he had to pay approximately $10,000 in damages plus about $5,000 in other costs.7